summaryrefslogtreecommitdiffstats
path: root/security/manager
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager')
-rw-r--r--security/manager/ssl/nsISiteSecurityService.idl5
-rw-r--r--security/manager/ssl/nsSiteSecurityService.cpp9
2 files changed, 4 insertions, 10 deletions
diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl
index b61577152..6b2e47d38 100644
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -106,13 +106,10 @@ interface nsISiteSecurityService : nsISupports
* @param aURI the URI of the target host
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
- * @param force if set, forces no-HSTS state by writing a knockout value,
- * overriding any preload list state
*/
void removeState(in uint32_t aType,
in nsIURI aURI,
- in uint32_t aFlags,
- [optional] in boolean force);
+ in uint32_t aFlags);
/**
* See isSecureURI
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 922202527..ab2a3dd0b 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -326,11 +326,9 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
return NS_OK;
}
- // If max-age is zero, the host is no longer considered HSTS. If the host was
- // preloaded, we store an entry indicating that this host is not HSTS, causing
- // the preloaded information to be ignored.
+ // If max-age is zero, the host is no longer considered HSTS.
if (maxage == 0) {
- return RemoveState(aType, aSourceURI, flags, true);
+ return RemoveState(aType, aSourceURI, flags);
}
MOZ_ASSERT((aHSTSState == SecurityPropertySet ||
@@ -358,8 +356,7 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
}
NS_IMETHODIMP
-nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI,
- uint32_t aFlags, bool force = false)
+nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, uint32_t aFlags)
{
// Child processes are not allowed direct access to this.
if (!XRE_IsParentProcess()) {